Hi there,
How is it possible to analyze Windows logs, Lotus Notes files and sample SAP log files in the system? The purpose is to review admin and activity logs privileges in the system.
Are there other alternatives like Sawmill, and what can it do?
Any advice is much appreciated.
To analyze Windows logs, I would suggest you install the 'Splunk universal forwarder' (http://www.splunk.com/en_us/download/universal-forwarder.html#); choose your OS version and type appropriately.
Continue the installation, and it prompts you to monitor several logs, files, etc.
Configuration, installation, forwarding, receiving, docs - FYR
http://docs.splunk.com/Documentation/Splunk/6.2.3/Forwarding/Setupforwardingandreceiving
http://docs.splunk.com/Documentation/Splunk/6.2.3/Forwarding/Configureforwarderswithoutputs.confd
http://docs.splunk.com/Documentation/Splunk/6.2.3/Updating/Exampleaddaninputtoforwarders
Hi,
To be exact, I am trying to analyze this type of log file (File Server & Windows CPRS Log).
Level Date and Time Source Event ID Task Category
Information 10-Feb-15 11:02:17 AM Microsoft-Windows-Security-Auditing 4780 User Account Management "The ACL was set on accounts which are members of administrators groups.
Subject:
Security ID: ANONYMOUS LOGON
Account Name: ANONYMOUS LOGON
Account Domain: NT AUTHORITY
Logon ID: 0x3e6
Target Account:
Security ID: CISCODOMAIN\IS Account Operators
Account Name: IS Account Operators
Account Domain: DC=ciscodomain,DC=local
Any advice?
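
An added example, not part of the thread and not Splunk's own code: a small parser for the Event Viewer text export shown in the post above, which groups each event's "Section: / Key: Value" lines and lists who set the ACL on which administrative account (event 4780). The column layout is assumed from the posted record, and the function names are hypothetical.

```python
import re

# Constructed sample: the first record copies the layout and values of the event
# posted above; the second record (4720) is invented for contrast.
SAMPLE = r'''Information 10-Feb-15 11:02:17 AM Microsoft-Windows-Security-Auditing 4780 User Account Management "The ACL was set on accounts which are members of administrators groups.
Subject:
 Security ID: ANONYMOUS LOGON
 Account Name: ANONYMOUS LOGON
 Account Domain: NT AUTHORITY
 Logon ID: 0x3e6
Target Account:
 Security ID: CISCODOMAIN\IS Account Operators
 Account Name: IS Account Operators
 Account Domain: DC=ciscodomain,DC=local"
Information 10-Feb-15 11:05:40 AM Microsoft-Windows-Security-Auditing 4720 User Account Management "A user account was created."
'''

HEADER = re.compile(
    r'^(?P<level>Information|Warning|Error|Critical)\s+(?P<time>\S+ \S+ [AP]M)\s+'
    r'(?P<source>\S+)\s+(?P<event_id>\d+)\s+(?P<rest>.*)$')

def parse_events(text):
    """Split the export into events with their 'Section: / Key: Value' fields."""
    events, cur, section = [], None, None
    for raw in text.splitlines():
        line = raw.strip().strip('"')
        m = HEADER.match(line)
        if m:  # first line of a new event
            task, _, message = m["rest"].partition('"')
            cur = {"time": m["time"], "event_id": int(m["event_id"]),
                   "task": task.strip(), "message": message, "fields": {}}
            events.append(cur)
            section = None
        elif cur is not None and ":" in line:
            key, _, value = (part.strip() for part in line.partition(":"))
            if not value:              # "Subject:" opens a section
                section = cur["fields"].setdefault(key, {})
            elif section is not None:  # "Account Name: ..." belongs to it
                section[key] = value
    return events

def admin_acl_changes(events, event_id=4780):
    """Return (time, subject account, target account) for the audited event."""
    return [(e["time"], e["fields"].get("Subject", {}).get("Account Name"),
             e["fields"].get("Target Account", {}).get("Account Name"))
            for e in events if e["event_id"] == event_id]

if __name__ == "__main__":
    print(admin_acl_changes(parse_events(SAMPLE)))
```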